This work describes the security architecture of MOSAIC, a protocol for clinical data exchange with multilateral agreement support. The blocks of the architecture are derived from a series of common attacks that can be done to the protocol. The fair exchange problem of the protocol is analyzed introducing the management messages that the agents must exchange in order to authorize or not the use of data. Due to multilateral agreements, loops can appear in the negotiation stage of the protocol. We describe the mechanisms to manage this loops, and we propose a solution to avoid that malicious agents can take advantage when there is a loop in the negotiation stage of the protocol.